This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/f06191-b0a8-4950-b027-deec6fcf2d95/1/HDRPEVl1lIgoU6eVgd0r94nusx8.mft File: HDRPEVl1lIgoU6eVgd0r94nusx8.mft (raw, json) Hash identifier: X2wSLgSYYb0lzzJVnDUW9iLI/J3biXFvIEEtRawP8OU= Subject key identifier: 6E:49:91:BB:9C:B7:F6:2C:84:6F:0E:F8:4B:A7:57:8A:16:C1:CE:AC Authority key identifier: 1C:34:4F:11:59:75:94:88:28:53:A7:95:81:DD:2B:F7:89:EE:B3:1F Certificate issuer: /CN=1c344f11597594882853a79581dd2bf789eeb31f Certificate serial: 019AF464FCDB4DE982E2B01BF36BF717AC75 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDRPEVl1lIgoU6eVgd0r94nusx8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/f06191-b0a8-4950-b027-deec6fcf2d95/1/HDRPEVl1lIgoU6eVgd0r94nusx8.mft Manifest number: 1536 Signing time: Sat 06 Dec 2025 16:00:50 +0000 Manifest this update: Sat 06 Dec 2025 16:00:50 +0000 Manifest next update: Sun 07 Dec 2025 16:00:50 +0000 Files and hashes: 1: HDRPEVl1lIgoU6eVgd0r94nusx8.crl (hash: 8spqfARrkQJoqvIm/lKpKbLkvZNADBw7bq3eVyZnzAc=) 2: OLwYzj-fOtPupeVPjMakvIdCk14.roa (hash: w82sMMgD2hDeR96YGrYPpR7eSx7BTygOkVtPfhR7sSk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/f06191-b0a8-4950-b027-deec6fcf2d95/1/HDRPEVl1lIgoU6eVgd0r94nusx8.crl rsync://rpki.ripe.net/repository/DEFAULT/98/f06191-b0a8-4950-b027-deec6fcf2d95/1/HDRPEVl1lIgoU6eVgd0r94nusx8.mft rsync://rpki.ripe.net/repository/DEFAULT/HDRPEVl1lIgoU6eVgd0r94nusx8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:64:fc:db:4d:e9:82:e2:b0:1b:f3:6b:f7:17:ac:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c344f11597594882853a79581dd2bf789eeb31f Validity Not Before: Dec 6 16:00:50 2025 GMT Not After : Dec 7 16:00:50 2025 GMT Subject: CN=6e4991bb9cb7f62c846f0ef84ba7578a16c1ceac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:8a:8b:d5:b8:49:4f:f4:82:f7:bf:e8:b8:f1: 4b:84:9b:93:4d:f9:47:65:26:b2:97:1c:fb:b7:9b: 16:18:0c:c7:5b:ed:db:12:98:15:5f:67:97:ef:a2: 81:5f:d3:72:34:84:64:af:e9:1e:fa:08:08:28:55: 17:cc:26:f1:99:7e:fb:34:69:01:47:b0:cd:34:db: 05:ed:49:15:c0:93:bc:97:b2:73:1a:28:d1:10:45: d6:9b:2a:af:06:84:c1:eb:3c:30:03:0c:0f:6c:54: 5c:fd:85:6f:d9:8e:d5:88:1d:b7:d7:2a:36:89:1d: a8:42:51:77:d5:e7:b0:0e:e1:30:a1:f0:6d:27:1e: 7f:03:5e:78:4f:9b:b4:6c:03:36:aa:6b:93:9d:ce: 65:80:00:4e:7c:33:d7:e0:fb:12:bf:13:c9:ff:31: b8:99:d2:62:d6:69:39:50:27:e0:a2:0e:11:a2:c1: cc:0f:23:91:7a:ee:9f:29:03:14:53:f5:6b:9e:37: c6:56:35:1a:e9:66:c3:57:a2:ad:40:13:74:ab:cc: c0:4d:73:67:72:64:7f:40:a7:9d:2b:e8:55:64:7e: 54:1c:2f:cb:0a:42:44:b1:d6:23:d5:bc:04:a8:ec: 39:10:a7:e0:7a:33:0b:a7:a3:9a:ad:b1:2e:53:21: a7:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:49:91:BB:9C:B7:F6:2C:84:6F:0E:F8:4B:A7:57:8A:16:C1:CE:AC X509v3 Authority Key Identifier: keyid:1C:34:4F:11:59:75:94:88:28:53:A7:95:81:DD:2B:F7:89:EE:B3:1F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDRPEVl1lIgoU6eVgd0r94nusx8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/f06191-b0a8-4950-b027-deec6fcf2d95/1/HDRPEVl1lIgoU6eVgd0r94nusx8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/98/f06191-b0a8-4950-b027-deec6fcf2d95/1/HDRPEVl1lIgoU6eVgd0r94nusx8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:f9:df:0b:b3:84:c7:bd:ee:bd:b9:93:66:87:82:06:a5:f6: c0:a2:9e:db:73:8c:99:73:ab:57:71:73:c0:91:81:27:55:9a: 5f:1e:8e:39:eb:9d:b6:a1:79:0d:16:46:cc:20:05:f4:94:8b: 79:33:75:72:95:ab:5b:97:be:ec:9b:55:65:4a:12:25:d8:e5: 9a:4e:91:92:d8:6d:b3:e7:e2:7d:32:e0:7c:6c:c8:9e:f9:69: 22:dc:c1:73:2b:80:ee:08:ba:c2:72:1b:bf:40:e3:8d:43:be: d5:91:5c:60:a7:a2:82:da:ee:e3:f7:08:cd:b7:3a:0e:4e:f7: ff:38:36:25:16:f3:36:b7:d7:4c:f1:fb:71:9e:eb:29:f6:c8: 23:b9:47:a3:77:e0:ff:bf:43:e1:43:b9:09:c2:0d:a8:20:f9: 13:66:e6:41:61:2f:ae:06:14:82:53:e1:39:96:a1:81:d3:f3: 46:25:df:25:2d:68:83:80:cf:57:72:b8:55:4d:34:d6:4a:5a: ad:9a:6d:22:22:96:3f:f1:3a:b7:53:e4:66:e3:75:86:97:1f: c8:55:14:df:8c:c2:29:e6:f0:92:57:ce:4e:b5:e6:84:4e:44: f4:eb:29:ca:1b:0c:15:ed:fb:7b:e6:18:1b:52:a5:e5:0c:75: e0:64:21:c9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZPzbTemC4rAb82v3F6x1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjMzQ0ZjExNTk3NTk0ODgyODUzYTc5NTgxZGQyYmY3ODll ZWIzMWYwHhcNMjUxMjA2MTYwMDUwWhcNMjUxMjA3MTYwMDUwWjAzMTEwLwYDVQQD Eyg2ZTQ5OTFiYjljYjdmNjJjODQ2ZjBlZjg0YmE3NTc4YTE2YzFjZWFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4qL1bhJT/SC97/ouPFLhJuTTflH ZSaylxz7t5sWGAzHW+3bEpgVX2eX76KBX9NyNIRkr+ke+ggIKFUXzCbxmX77NGkB R7DNNNsF7UkVwJO8l7JzGijREEXWmyqvBoTB6zwwAwwPbFRc/YVv2Y7ViB231yo2 iR2oQlF31eewDuEwofBtJx5/A154T5u0bAM2qmuTnc5lgABOfDPX4PsSvxPJ/zG4 mdJi1mk5UCfgog4RosHMDyOReu6fKQMUU/VrnjfGVjUa6WbDV6KtQBN0q8zATXNn cmR/QKedK+hVZH5UHC/LCkJEsdYj1bwEqOw5EKfgejMLp6OarbEuUyGnyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG5Jkbuct/YshG8O+EunV4oWwc6sMB8GA1UdIwQY MBaAFBw0TxFZdZSIKFOnlYHdK/eJ7rMfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSERSUEVWbDFsSWdvVTZlVmdkMHI5NG51c3g4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9mMDYxOTEtYjBhOC00OTUwLWIwMjct ZGVlYzZmY2YyZDk1LzEvSERSUEVWbDFsSWdvVTZlVmdkMHI5NG51c3g4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OC9mMDYxOTEtYjBhOC00OTUwLWIwMjctZGVlYzZmY2YyZDk1 LzEvSERSUEVWbDFsSWdvVTZlVmdkMHI5NG51c3g4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgvnfC7OE x73uvbmTZoeCBqX2wKKe23OMmXOrV3FzwJGBJ1WaXx6OOeudtqF5DRZGzCAF9JSL eTN1cpWrW5e+7JtVZUoSJdjlmk6Rkthts+fifTLgfGzInvlpItzBcyuA7gi6wnIb v0DjjUO+1ZFcYKeigtru4/cIzbc6Dk73/zg2JRbzNrfXTPH7cZ7rKfbII7lHo3fg /79D4UO5CcINqCD5E2bmQWEvrgYUglPhOZahgdPzRiXfJS1og4DPV3K4VU001kpa rZptIiKWP/E6t1PkZuN1hpcfyFUU34zCKebwklfOTrXmhE5E9OspyhsMFe37e+YY G1Kl5Qx14GQhyQ== -----END CERTIFICATE-----Generated at Sat Dec 6 22:21:41 2025 by rpki-client